CodeQL library for JavaScript
Search

Module ZipSlip

Import path

import semmle.javascript.security.dataflow.ZipSlipCustomizations

Classes

AdmZipEntrySource

An archive entry path access using the adm-zip package.

CreateWriteStreamSink

A call to fs.createWriteStream, as a sink for unsafe archive extraction.

FileSystemWriteSink

A file path of a file write, as a sink for unsafe archive extraction.

Sink

A data flow sink for unsafe archive extraction.

Source

A data flow source for unsafe archive extraction.

UnzipEntrySource

An archive entry path access, as a source for unsafe archive extraction.

Aliases